This article was written by Zak El Khatib
This article was written by Zak El Khatib
It feels like it was just yesterday when Microsoft released Windows Server 2012/R2. After a decade long run, Microsoft has officially announced that the OS is reaching its end of support on October 10th, 2023. But what does that mean? Well, as with any software product, Microsoft sooner or later stops supporting old versions of Windows Server. This means that after this date, Microsoft will no longer provide security updates or technical support for Windows Server 2012/R2.
This brings us to an imperative topic of Operating System (OS) lifecycle management. I get it, you have a tonne of backlog work to get through and other projects that are of priority. If you just get this one in early, you won’t be on your backfoot when the CISO comes knocking on your door, trying to rush the rollout and avoid featuring in the next cyber news headline!
OS lifecycle management involves planning, deployment, maintenance, and retirement of an OS. As Windows server 2012/R2 is nearing its End of Life, aka EOL (it creeps up on you sooner than you realise), starting early is crucial to ensure a smooth transition to a newer, supported version of the OS and to avoid potential security or compliance issues. As an SME on this subject, I would like to emphasise the importance of early planning and draw up the pros and cons of doing so.
Planning early for the retirement of an OS like Windows Server 2012 is essential for many reasons, including the following:
1. Security: As an OS approaches EOL, security vulnerabilities become more frequent and severe. This is because attackers know that patches and updates have ceased, leaving the system exposed. By planning early, you can take proactive measures to mitigate these risks and ensure that your system remains secure. Prioritising security before an OS reaches its EOL is crucial to avoiding potential security breaches.
2. Compliance: Compliance requirements for an organisation may demand that it runs only supported software versions. Early planning for upgrading the OS can help the organisation comply with its regulatory obligations.
3. Budgeting: Early planning helps organisations plan their budget for the upgrade to a newer version of the OS. It can help you estimate the cost of upgrading, including hardware and software expenses, and plan the budget accordingly.
4. Business Continuity: Early planning can help organisations avoid downtime during the migration process, which can disrupt business continuity. By planning early, you can minimize downtime and ensure a smooth transition to the new OS.
1. Reduced Risks: Early planning helps organisations reduce the risks associated with migrating to a new OS. It allows them to identify potential issues and address them before they become major problems.
2. Increased Security: Early planning enables organisations to address security vulnerabilities before they become critical, helping to increase the overall security posture of their systems.
3. Better Resource Management: Early planning enables organisations to allocate resources more efficiently, reducing costs and improving the overall efficiency of their IT systems.
1. Time-Consuming: Early planning can be time-consuming, especially when trying to determine the best course of action, testing different migration scenarios, and preparing the infrastructure for the upgrade. 2. Costly: Early planning may require additional resources, such as staffs, tools, and hardware, which can be costly.
In summary, organisations should consider the vendor references and timelines related to the EOL of Windows Server 2012/R2 when planning for the OS lifecycle management. Starting early is crucial to ensure a smooth transition to a newer version of the OS, amongst other benefits such as reduced risks, increase security and compliance, and improve resource management without needing to compromise the organisation’s business continuity. In some instances, organisations may have use cases to extend older versions of Windows Server, Microsoft offers ESU to address this concern.
I know what you are thinking, “what about the Extended Security Updates (ESUs)?” In some instances, organisations may have use cases due to compatibility requirements or legacy applications that still rely on older versions of Windows Server. To address this, Microsoft offers ESU to Windows Server 2012/R2 which provide additional layer of security beyond their end-of-support dates. If you’re thinking to take on ESU, AC3 can help you with planning and implementing the following options:
Migration to Azure
Migrate workloads to Windows Server and SQL Server Azure Virtual Machines. • Azure offers three years of free Extended Security Updates for Windows Server 2012 and 2012 R2 and SQL Server 2012 — only available in Azure.
Purchasing Extended Security Updates (ESUs)
Eligible customers with Software Assurance or an equivalent server subscription is required for customers to purchase ESU for non-Azure hosted servers. Note: This cannot be provided by AC3 as part of SPLA licensing.
It's important to note, ESU should not be seen as a permanent solution but a temporary measure allowing organisations additional time to plan and implement their upgrade to a more modern, fully supported version of Windows Server, yet it is still good to know you have a “snooze” option on the EOL deadline, as buying ESU will provide you access to Microsoft critical and important security updates for up to three years after the end-of-support date!
Options AC3 can help you with modernising your workloads to a newer version of Windows Server with the following options: